Case Study

UST helped global transportation company automate 70-80% of L1 SOC activities

With a managed security services provider (MSSP) engagement, CyberProof, a UST company, delivered a comprehensive security monitoring solution that automated 70-80% of the company’s L1 security activities. The streamlined, automated processes helped reduce SOC costs by 40%.

Style

Post-info

OUR CLIENT

Founded more than a century ago, this European freight transport and logistics company is one of the largest public companies in the world. With operations in 130 countries and over 100,000 employees, the company generates approximately $75 billion in annual revenue.

CHALLENGE

Automating and optimizing cybersecurity processes

The company’s security operations center (SOC) relied on manual processes to monitor and respond to security issues. Cybersecurity leaders wanted to introduce more efficient, automated processes to reduce the mean time to respond (MTTR) and resolve incidents. The global logistics company wanted to partner with a managed security services provider (MSSP) that could:

Provide 24x7 coverage for level 1 (L1) SOC activities - supporting all aspects of security operations and augmenting the capabilities of the company’s existing security team
Offer a more transparent approach to security - to replace the black box testing method of its incumbent security vendor
Leverage existing tools and technologies - to keep costs in check
Implement measurable KPIs - to understand the effectiveness of the MSSP engagement and continually optimize security operations

TRANSFORMATION

Using MSSP oversight and automations to improve operations

The multinational transportation and logistics company selected CyberProof, a UST company, as its MSSP to deliver fully managed security event monitoring capabilities. CyberProof developed a flexible, scalable security analytics and SOC monitoring solution that integrated the CyberProof Defense Center (CDC) platform with Microsoft Azure Sentinel.

The CDC platform provides the company’s security team with an automated, collaborative environment to monitor and respond to security threats using enriched alerts and robust reporting. Meanwhile, Azure Sentinel provides an intelligent security information and event management (SIEM) solution. CyberProof security experts also provide around-the-clock security event monitoring, event enrichment, and triage following customized threat detection rules, use cases, and digital playbooks.

IMPACT

Eliminating up to 80% of manual tasks helped cut SOC costs by 40%

With a solution hailed by the client, the company's Head of Cyber Defense said, "CyberProof's solution provided us with dramatically improved MTTR, thereby reducing the level of risk and minimizing impact. CyberProof’s virtual analyst, SeeMo, contributed to their ability to reduce human efforts and cut costs.”

The company has achieved these benefits:

Automated 70-80% of L1 activities - with alerts; orchestrated triage, investigation, and response activities; and our use case catalog, a library of customized use case kits consisting of prevention controls, detection rules, and response playbooks
Reduced SOC costs by 40% - thanks to the MSSP engagement; the automated, integrated CDC-Azure Sentinel solution; and cloud-native tools
Improved security visibility - by expanding the company’s cloud environment monitoring with the Azure Sentinel SIEM
Increased collaboration and transparency - with full visibility and control over SOC operations

RESOURCES

https://www.cyberproof.com/

https://www.ust.com/en/what-we-do/digital-transformation/automation